Concerns lifted over sly spyware company’s rumoured sale

A distinguished digital rights organisation is sounding a alarm after reports that a argumentative developer of government-grade view program might be adult for sale.

The University of Toronto’s Citizen Lab, whose researchers have authored mixed reports on a a injustice of spyware grown by a association called NSO Group, sent a minute to a company’s rumoured customer on Tuesday with a list of questions and concerns.

“We titillate we to delicately cruise a tellurian rights and reliable implications of an investment in a spyware association such as NSO Group,” reads a letter, that is addressed to a house of directors of investment organisation Blackstone Group, and sealed by Citizen Lab executive Ron Deibert.

Citizen Lab researchers have found that view program grown by NSO Group has been used to aim a tellurian rights romantic in a United Arab Emirates, and reporters investigating corruption in a Mexican government, among others.

Reuters reported over a weekend that Blackstone was charity $400 million US in sell for a 40 per cent interest in a Israeli-based company, citing a news by a country’s Calcalist business newspaper. Blackstone depends former Canadian primary apportion Brian Mulroney among a directors.

NSO Group is now owned by another investment firm, San Francisco-based Francisco Partners, that purchased a infancy interest in a association for $120 million in 2014, and deliberate offered that interest a following year.

“These firms might have singular knowledge appropriation companies that do descent cyber, that sell zero-days, or that sell spyware,” pronounced John Scott-Railton, one of Citizen Lab’s comparison researchers and a lead author on a NSO organisation reports. 

“Although they have delicately crafted statements committing them to obliged investment … these might predate a bullion rush towards investing in companies charity descent capabilities,” he said.

The million-dollar target

Citizen Lab has published 5 reports during a final year that fact a crude use of spyware grown by NSO Group, and has asked whether Blackstone has deliberate a risks of investing in a company.

More generally, a researchers have also asked Blackstone whether it has “any specific policies or reliable discipline concerning investments in firms such as NSO Group that sell zero-day exploits and notice technology.” 

CBC News has asked Blackstone for criticism on a letter, and will refurbish this story if we hear back.

In Citizen Lab’s first report on NSO Group spyware from Aug 2016, researchers unclosed efforts to aim an iPhone belonging to UAE-based tellurian rights romantic Ahmed Mansoor.

The conflict relied on 3 zero-day exploits — a tenure used to impute to tip program vulnerabilities that have not been formerly disclosed or patched by a software’s manufacturer. Citizen Lab researchers remarkable that a identical sequence of exploits had been sole for $1 million in 2015. 

And in new months, Citizen Lab has minute identical attacks in Mexico targeting journalists, lawyers, activists, scientists, opposition celebration politicians, and international experts questioning a blank persons case.  

In any case, a targets perceived messages containing links that, if clicked, would taint their inclination with a NSO Group’s view tool.

An NSO spokesperson told Motherboard last year that its agreements with clients “require that a company’s products usually be used in a official manner.”

Article source: http://www.cbc.ca/news/technology/nso-group-blackstone-citizen-lab-spyware-developer-sale-1.4221442?cmp=rss